LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 03-26-2004, 02:44 PM   #1
TRi-x2
LQ Newbie
 
Registered: Mar 2004
Posts: 3

Rep: Reputation: 0
Accessing SSH thru the net.


Hey, I'm in the process of installing gentoo linux, and I've been installing it thru ssh the entire time. Now, I want to continue the installation thru ssh, but I can't seem to be able to log into it from outside.

Putting in my internal LAN ip is useless, and using the routers regular ip that shows to the internet doesn't work either. I set port forwarding on the router, but that didn't help either.

Anyone have any idea what to do?
 
Old 03-26-2004, 05:14 PM   #2
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,782
Blog Entries: 1

Rep: Reputation: 413Reputation: 413Reputation: 413Reputation: 413Reputation: 413
Is your firewall blocking ssh from the internet? Can you still use ssh from inside your LAN? If you are pointing at the router's IP address and have port 22 forwarded to the right LAN IP address, that is good, but there are other places to trip up.
 
Old 03-26-2004, 10:15 PM   #3
TRi-x2
LQ Newbie
 
Registered: Mar 2004
Posts: 3

Original Poster
Rep: Reputation: 0
My router's firewall is off. I can access ssh from within the network, and I have port 22 forwarding on the proper machine. I don't know about the internal gentoo firewall, though I saw no documentation on it.

What are the other things I should check for this?
 
Old 03-27-2004, 06:53 AM   #4
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,782
Blog Entries: 1

Rep: Reputation: 413Reputation: 413Reputation: 413Reputation: 413Reputation: 413
The command iptables -L should show you the local firewall (you may have to be su to use this command). If you don't understand the output, post it and we can take a look. The other place to look would be in your /etc/hosts.deny file. It could be that entries there are causing trouble.

The fact that you can use ssh within your lan really points to either the local firewall or the router as the source of the problem.
 
Old 03-27-2004, 05:45 PM   #5
TRi-x2
LQ Newbie
 
Registered: Mar 2004
Posts: 3

Original Poster
Rep: Reputation: 0
I tried the iptables command, and it seems there's no firewall installed on it since it didn't work.

As for hosts.deny, there was no such file even. There was a hosts file and here's what it said :

Code:
127.0.0.1       localhost
# IPV6 versions of localhost and co
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
"/etc/hosts" 8L, 197C
 
Old 03-28-2004, 07:48 AM   #6
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,782
Blog Entries: 1

Rep: Reputation: 413Reputation: 413Reputation: 413Reputation: 413Reputation: 413
Quote:
I tried the iptables command, and it seems there's no firewall installed on it since it didn't work.
OK, it must have done something, if even an error message saying the command couldn't be found. Iptables is the default firewall for pretty much every linux distribution, so it is highly likely to be installed. Were you su or root when you tried the command? By default, iptables is usually installed in a directory only root has access to.

If you don't have a hosts.deny, that is OK. However, you might want to run find / -name hosts.deny just to be sure. Again, run this after becoming su so it can scan all the directories. The hosts file you posted is a different beast entirely and it probably won't concern us for this problem.

The other thing to do is to try to log in both from within and from outside your LAN and see if any information from ssh shows up in either /var/log/syslog or /var/log/messages
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
amaroK: How to prevent it from accessing the net? furryspider Linux - Software 2 09-17-2005 03:42 PM
Accessing the net via VMware's NAT texasholdem Linux - Networking 2 07-26-2005 11:41 AM
Accessing net using a LiveCD mooseman Linux - Security 5 10-30-2004 02:38 PM
modem users: how are u accessing the net? webazoid Linux - Software 9 08-17-2004 03:20 AM
accessing net thru' shell via windows gene_gEnie Linux - Networking 5 10-04-2001 02:24 PM


All times are GMT -5. The time now is 09:54 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration